Security & Compliance Manager

Inforcer is a leading provider of innovative solutions in the cybersecurity sector and dedicated to enhancing efficiency, improving security and driving success for our clients. We focus on providing MSPs with fundamental tools and technology they need to manage Microsoft Security policies for multiple tenants in a simple and effective way. Our mission is to be Enforced in every MSP!

We are seeking a Security & Compliance Manager to own and operationalise our information security, risk, and compliance framework as we scale through Series B toward Series C.

You will ensure our security controls, policies, and certifications — including ISO 27001 and SOC 2 readiness — remain current, audit‑ready, and embedded into day‑to‑day operations. This is a hands‑on role with clear ownership, ideal for someone who enjoys building structure, bringing clarity, and acting as the connective tissue between Legal, IT, and the wider business.

• Ensure security is embedded in the design, implementation, and operation of internal IT systems.
• Partner with IT to ensure infrastructure is secure, scalable, cost‑effective, and aligned with business strategy.
• Support automation, modern workplace adoption, and digital enablement initiatives with appropriate controls.
Security and Compliance
• Lead and maintain compliance across ISO 27001, SOC 2 readiness and progression, GDPR and UK DPA 2018, and other applicable regulatory and customer requirements.
• Own Inforcer’s information security roadmap, risk register, and incident response framework.
• Coordinate all external audits, certifications, and assurance activities.
• Embed data governance and privacy‑by‑design principles across operational processes.
Policy Ownership and Governance
• Act as the single accountable owner for Inforcer’s security, risk, and compliance policy framework.
• Own the annual review, update, approval, and version control cycle for all policies.
• Key policies include Acceptable Use Policy, Business Continuity Plan, Data Protection Policy, Disaster Recovery Plan, Incident Response Plan, and Risk Assessment Policy.
• Coordinate policy reviews with IT, Legal, Engineering, and Finance.
• Ensure policies are accessible, clearly communicated, and embedded in daily operations.
• Track and remediate gaps where policies are outdated or misaligned with certifications or organisational growth.
Supplier Governance and Procurement
• Ensure technology and SaaS suppliers meet contractual, security, and compliance standards.
• Support due diligence and ongoing supplier risk assessments with Legal and Finance.
Trust, Risk, and Assurance
• Develop and maintain trust and compliance reporting, including dashboards for audit readiness, policy status, and risk posture.
• Ensure reporting to SLT, ELT, and the Board is accurate, consistent, and defensible.
Leadership and Culture
• Champion a culture of security awareness, transparency, and continuous improvement.
• Deliver training and awareness programmes across the business.
What We Can Offer You
• Competitive Compensation: Attractive salary, pension contribution scheme through Nest, competitive annual leave allowance.
• Work‑Life Balance: Flexible working hours and hybrid/remote working options to support a healthy work‑life balance.
• Regular Team Socials: We celebrate our team, our milestones, and our new businesses with social events every month.
• Investing in Your Future: We encourage a growth mindset through proactive development opportunities such as continuous learning opportunities, professional training programs, and career advancement paths.
• Inclusive Environment: A supportive and inclusive workplace that values diversity and encourages collaboration and innovation.
• Employee Recognition: Programs to recognise and reward employees for their contributions and achievements.
Skills We Need for This Role
• Strong operational experience in information security and compliance within a SaaS or technology‑led environment.
• Hands‑on knowledge of ISO 27001, SOC 2, GDPR, and risk management practices.
• Experience coordinating audits and certifications end‑to‑end.
• Solid understanding of cloud infrastructure, ideally Microsoft 365 and Azure.
• Comfortable influencing senior stakeholders without formal authority.
• Highly organised and detail‑oriented.
• A genuine commitment to trust, transparency, and accountability.

Don’t quite have all of these skills? Why not apply and our team can review your experience and fit for the role. We’d love to hear from you!

Inforcer is an equal opportunity employer. We celebrate diversity and are committed to inclusive environment for all employees.